Shreya Patni
Reputation: 62
Forward syslog stream using Splunk Forwarder
How can I forward syslog stream using Splunk Universal Forwarder?
I have a centos7 system, and I want to forward the stream eg. localx without having to write it to disk. Currently, I am only able to forward if I write the stream to disk and configure the forwarder to consume the file.
Upvotes: 0
Views: 482
Answers (1)
RichG
Reputation: 9976
If you insist on using the UF then writing to disk is the way.
If you want to avoid writing to disk and are open to a non-UF solution, then consider Splunk Connect for Syslog (SC4S). It's a docker app that receives syslog streams and sends them to Splunk HEC inputs. See https://splunkbase.splunk.com/app/4740/ for more information.
Upvotes: 2
Related Questions
- Forward Flex Gateway Logs to Splunk
- Splunk forwarder gets blocked if one output destination is down
- Splunk Universal Forwarder not sending data to Indexer
- MuleSoft Log Forwarding from On-Premise to Splunk
- Forwarding logs from kubernetes to splunk
- How to forward application logs to Splunk from docker container?
- Splunk Web only monitoring files from /var/log directory of forwarder
- I am trying to forward my apache logs to rsyslog then to splunk
- Delete logs from server using Splunk Universal forwarder
- how to configure logs as data source from remote unix server in splunk